Uploaded byBruno Motta Rego
Fraud Analytics Techniques Moving Into Security
The document discusses the current challenges in fraud analytics and security, emphasizing that 60% of attackers can breach organizations quickly and that phishing remains a significant threat. It highlights the techniques of fraudsters, the importance of combining anti-fraud measures with security layers, and urges businesses to be aware of vulnerabilities and adopt robust authentication processes, such as DMARC. Overall, it stresses the need for a comprehensive approach to fraud prevention that includes customer awareness and continuous monitoring.
More Related Content
![How a Ransomware Infects your Computer [INFOGRAPHIC]](https://cdn.slidesharecdn.com/ss_thumbnails/howransomwaregetintoyoursysteminfographic1-171012110357-thumbnail.jpg?width=640&height=640&fit=bounds)
![[Infographic] How ransomware gets into your system](https://cdn.slidesharecdn.com/ss_thumbnails/howransomwaregetsintoyoursystem-seqrite-171012073257-thumbnail.jpg?width=640&height=640&fit=bounds)
Fraud Analytics Techniques Moving Into Security
- 1. Fraud Analytics TechniquesMoving Into Security Bruno Motta Rego @brunomottarego
- 2. Agenda Scenario How Fraud Works Techniques Layers BrandProtection Challenge
- 3.
- 4.
- 5. Data Breach BREACH TRENDS ! IN60% OF CASES, ATTACKERS ARE ABLE TO COMPROMISE AN ORGANIZATION WITHIN MINUTES. ! PHISHING ! 23% OF RECIPIENTS NOW OPEN PHISHING MESSAGES AND 11% CLICK ON ATTACHMENTS. ! NEARLY 50% OPEN E-MAILS AND CLICK ON PHISHING LINKS WITHIN THE FIRST HOUR. ! VULNERABILITIES ! 99.9% OF THE EXPLOITED VULNERABILITIES WERE COMPROMISED MORE THAN A YEAR AFTER THE CVE WAS PUBLISHED.
- 6.
- 7.
- 8. So… Account takeover. Identity fraud. Useof stolen financial account.
- 9. Key Findings Attackers identifythe least resistance point, and they perform their attacks avoiding common fraud detection rules. Fraudsters are exploiting human weaknesses. Tools cannot detect or prevent social engineering. Monitor your business. Anti-Fraud system, security layers and adaptive access control must being incorporated with SIEM, identity systems and other security vendors to monitor the users/customers behavior trends.
- 10.
- 11. Brand Protection. Customer Awareness. Endpoint-centric. Navigation-centric. Multi-channel,Holistic, Account-centric. Layers: InfoSec & Anti-Fraud
- 12.
- 13. DMARC and theEmail Authentication Process Minimize false positives. Provide robust authentication reporting. Assert sender policy at receivers. Reduce successful phishing delivery. Work at Internet scale. Minimize complexity. DMARC (DKIM + SPF) source: DMARC Overview https://dmarc.org/overview/
- 14. Challenge yourself. Challengeyour vendor. Understand the broader campaign. Exchange of Information with your market segment and also competitor. Remember: your business is more than compliance standpoints. Challenge Ourselves
- 15.